chore: fix dependabot alerts (#2302)

https://github.com/project-zot/zot/pull/2297 https://github.com/project-zot/zot/pull/2298 Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-12-16 21:56:37 -05:00 · 2024-03-07 11:20:35 -08:00 · 2024-03-07 11:20:35 -08:00 · 2dd1fc9316
commit 2dd1fc9316
parent 18235ca254
3 changed files with 22 additions and 20 deletions
--- a/THIRD-PARTY-LICENSES.md
+++ b/THIRD-PARTY-LICENSES.md
@ -94,8 +94,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc|https://github.com/aws/aws-sdk-go-v
 github.com/aws/aws-sdk-go-v2/service/sso|https://github.com/aws/aws-sdk-go-v2/blob/service/sso/v1.20.1/service/sso/LICENSE.txt|Apache-2.0
 github.com/aws/aws-sdk-go-v2/service/sts|https://github.com/aws/aws-sdk-go-v2/blob/service/sts/v1.28.1/service/sts/LICENSE.txt|Apache-2.0
 github.com/aws/aws-sdk-go-v2|https://github.com/aws/aws-sdk-go-v2/blob/v1.25.2/LICENSE.txt|Apache-2.0
-github.com/aws/aws-sdk-go/internal/sync/singleflight|https://github.com/aws/aws-sdk-go/blob/v1.50.30/internal/sync/singleflight/LICENSE|BSD-3-Clause
-github.com/aws/aws-sdk-go|https://github.com/aws/aws-sdk-go/blob/v1.50.30/LICENSE.txt|Apache-2.0
+github.com/aws/aws-sdk-go/internal/sync/singleflight|https://github.com/aws/aws-sdk-go/blob/v1.50.33/internal/sync/singleflight/LICENSE|BSD-3-Clause
+github.com/aws/aws-sdk-go|https://github.com/aws/aws-sdk-go/blob/v1.50.33/LICENSE.txt|Apache-2.0
 github.com/aws/smithy-go/internal/sync/singleflight|https://github.com/aws/smithy-go/blob/v1.20.1/internal/sync/singleflight/LICENSE|BSD-3-Clause
 github.com/aws/smithy-go/logging|https://github.com/aws/smithy-go/blob/v1.20.1/LICENSE|Apache-2.0
 github.com/aws/smithy-go|https://github.com/aws/smithy-go/blob/v1.20.1/LICENSE|Apache-2.0
@ -391,10 +391,10 @@ go.opentelemetry.io/otel/trace|https://github.com/open-telemetry/opentelemetry-g
 go.opentelemetry.io/otel|https://github.com/open-telemetry/opentelemetry-go/blob/v1.22.0/LICENSE|Apache-2.0
 go.uber.org/multierr|https://github.com/uber-go/multierr/blob/v1.11.0/LICENSE.txt|MIT
 go.uber.org/zap|https://github.com/uber-go/zap/blob/v1.26.0/LICENSE.txt|MIT
-golang.org/x/crypto/md4|https://cs.opensource.google/go/x/crypto/+/v0.20.0:LICENSE|BSD-3-Clause
-golang.org/x/crypto/pbkdf2|https://cs.opensource.google/go/x/crypto/+/v0.20.0:LICENSE|BSD-3-Clause
-golang.org/x/crypto/pkcs12|https://cs.opensource.google/go/x/crypto/+/v0.20.0:LICENSE|BSD-3-Clause
-golang.org/x/crypto|https://cs.opensource.google/go/x/crypto/+/v0.20.0:LICENSE|BSD-3-Clause
+golang.org/x/crypto/md4|https://cs.opensource.google/go/x/crypto/+/v0.21.0:LICENSE|BSD-3-Clause
+golang.org/x/crypto/pbkdf2|https://cs.opensource.google/go/x/crypto/+/v0.21.0:LICENSE|BSD-3-Clause
+golang.org/x/crypto/pkcs12|https://cs.opensource.google/go/x/crypto/+/v0.21.0:LICENSE|BSD-3-Clause
+golang.org/x/crypto|https://cs.opensource.google/go/x/crypto/+/v0.21.0:LICENSE|BSD-3-Clause
 golang.org/x/exp/constraints|https://cs.opensource.google/go/x/exp/+/9a3e6036:LICENSE|BSD-3-Clause
 golang.org/x/mod/semver|https://cs.opensource.google/go/x/mod/+/v0.14.0:LICENSE|BSD-3-Clause
 golang.org/x/mod|https://cs.opensource.google/go/x/mod/+/v0.14.0:LICENSE|BSD-3-Clause
@ -405,10 +405,10 @@ golang.org/x/oauth2|https://cs.opensource.google/go/x/oauth2/+/v0.17.0:LICENSE|B
 golang.org/x/sync/errgroup|https://cs.opensource.google/go/x/sync/+/v0.6.0:LICENSE|BSD-3-Clause
 golang.org/x/sync/semaphore|https://cs.opensource.google/go/x/sync/+/v0.6.0:LICENSE|BSD-3-Clause
 golang.org/x/sync|https://cs.opensource.google/go/x/sync/+/v0.6.0:LICENSE|BSD-3-Clause
-golang.org/x/sys/cpu|https://cs.opensource.google/go/x/sys/+/v0.17.0:LICENSE|BSD-3-Clause
-golang.org/x/sys/unix|https://cs.opensource.google/go/x/sys/+/v0.17.0:LICENSE|BSD-3-Clause
-golang.org/x/sys|https://cs.opensource.google/go/x/sys/+/v0.17.0:LICENSE|BSD-3-Clause
-golang.org/x/term|https://cs.opensource.google/go/x/term/+/v0.17.0:LICENSE|BSD-3-Clause
+golang.org/x/sys/cpu|https://cs.opensource.google/go/x/sys/+/v0.18.0:LICENSE|BSD-3-Clause
+golang.org/x/sys/unix|https://cs.opensource.google/go/x/sys/+/v0.18.0:LICENSE|BSD-3-Clause
+golang.org/x/sys|https://cs.opensource.google/go/x/sys/+/v0.18.0:LICENSE|BSD-3-Clause
+golang.org/x/term|https://cs.opensource.google/go/x/term/+/v0.18.0:LICENSE|BSD-3-Clause
 golang.org/x/text|https://cs.opensource.google/go/x/text/+/v0.14.0:LICENSE|BSD-3-Clause
 golang.org/x/time/rate|https://cs.opensource.google/go/x/time/+/v0.5.0:LICENSE|BSD-3-Clause
 golang.org/x/tools|https://cs.opensource.google/go/x/tools/+/v0.17.0:LICENSE|BSD-3-Clause
--- a/go.mod
+++ b/go.mod
@ -39,7 +39,7 @@ require (
 	github.com/swaggo/swag v1.16.3
 	github.com/vektah/gqlparser/v2 v2.5.11
 	go.etcd.io/bbolt v1.3.9
-	golang.org/x/crypto v0.20.0
+	golang.org/x/crypto v0.21.0
 	gopkg.in/resty.v1 v1.12.0
 	gopkg.in/yaml.v2 v2.4.0
 )
@ -67,7 +67,7 @@ require (

 require (
 	golang.org/x/sync v0.6.0 // indirect
-	golang.org/x/sys v0.17.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 )

@ -288,7 +288,7 @@ require (
 	github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect
 	github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/aws/aws-sdk-go v1.50.30
+	github.com/aws/aws-sdk-go v1.50.33
 	github.com/aws/aws-sdk-go-v2 v1.25.2
 	github.com/aws/aws-sdk-go-v2/config v1.27.4
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.4 // indirect
@ -481,7 +481,7 @@ require (
 	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
 	golang.org/x/mod v0.14.0 // indirect
 	golang.org/x/net v0.21.0 // indirect
-	golang.org/x/term v0.17.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.17.0 // indirect
 	golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
--- a/go.sum
+++ b/go.sum
@ -403,8 +403,8 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
 github.com/aws/aws-sdk-go v1.47.10/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
-github.com/aws/aws-sdk-go v1.50.30 h1:2OelKH1eayeaH7OuL1Y9Ombfw4HK+/k0fEnJNWjyLts=
-github.com/aws/aws-sdk-go v1.50.30/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.50.33 h1:/SKPJ7ZVPCFOYZyTKo5YdjeUEeOn2J2M0qfDTXWAoEU=
+github.com/aws/aws-sdk-go v1.50.33/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/aws/aws-sdk-go-v2 v1.21.2/go.mod h1:ErQhvNuEMhJjweavOYhxVkn2RUx7kQXVATHrjKtxIpM=
 github.com/aws/aws-sdk-go-v2 v1.25.2 h1:/uiG1avJRgLGiQM9X3qJM8+Qa6KRGK5rRPuXE0HUM+w=
 github.com/aws/aws-sdk-go-v2 v1.25.2/go.mod h1:Evoc5AsmtveRt1komDwIsjHFyrP5tDuF1D1U+6z6pNo=
@ -1617,8 +1617,8 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
-golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -1856,8 +1856,9 @@ golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -1870,8 +1871,9 @@ golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
 golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww=
-golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
 golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=